package top.shen33.yang.base;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

public class MyShiroRealm extends AuthorizingRealm {


    //角色权限和对应权限添加
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {


//        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
//        UserInfo userInfo = (UserInfo) principals.getPrimaryPrincipal();
//        try {
//            List<SysRole> roles = sysRoleService.selectRoleByUser(userInfo);
//            for (SysRole role : roles) {
//                authorizationInfo.addRole(role.getRole());
//            }
//            List<SysPermission> sysPermissions = sysPermissionService.selectPermByUser(userInfo);
//            for (SysPermission perm : sysPermissions) {
//                authorizationInfo.addStringPermission(perm.getPermission());
//            }
//        } catch (Exception e) {
//            e.printStackTrace();
//        }
//        return authorizationInfo;




        //获取登录用户名
        String name = (String) principalCollection.getPrimaryPrincipal();
        //添加角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        //添加角色
        simpleAuthorizationInfo.addRole("admin");

        //添加权限
        simpleAuthorizationInfo.addStringPermission("create");

        return simpleAuthorizationInfo;
    }

    //用户认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken atoken)
            throws AuthenticationException {


//        //获取用户的输入的账号.
//        String username = (String) token.getPrincipal();
////        System.out.println(token.getCredentials());
//        //通过username从数据库中查找 User对象，如果找到，没找到.
//        //实际项目中，这里可以根据实际情况做缓存，如果不做，Shiro自己也是有时间间隔机制，2分钟内不会重复执行该方法
//        EntityWrapper<UserInfo> ew = new EntityWrapper<>();
//        ew.eq("username",username);
//        System.out.println(ew.getSqlSegment());
//        UserInfo userInfo = userInfoService.selectOne(ew);
////        System.out.println("----->>userInfo="+userInfo);
//        if (userInfo == null) {
//            return null;
//        }
//        if (userInfo.getState() == 1) { //账户冻结
//            throw new LockedAccountException();
//        }
//        SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
//                userInfo, //用户名
//                userInfo.getPassword(), //密码
//                ByteSource.Util.bytes(userInfo.getCredentialsSalt()),//salt=username+salt
//                getName()  //realm name
//        );
//        return authenticationInfo;

        UsernamePasswordToken token = (UsernamePasswordToken) atoken;

        String name = token.getUsername();

        if (name == null) {
            return null;
        }
        //这里验证authenticationToken和simpleAuthenticationInfo的信息
        SimpleAuthenticationInfo simpleAuthenticationInfo =
                new SimpleAuthenticationInfo(name, "123456", getName());

        return simpleAuthenticationInfo;

    }
}